pasbydocs
OIDC API

OIDC overview

Hosted identification at oauth.pasby.africa with PKCE for web applications.

The pasby OIDC API lets third-party apps verify users and receive consented identity attributes through a short, OAuth-like flow:

  1. Your backend starts a session (kipindi / login)
  2. The user identifies on pasby’s hosted UI (national.eid.pasby.africa)
  3. Your backend exchanges the handshake for an access token (kupeana / shake)
  4. Your backend fetches claims (resource)

Base URL: https://oauth.pasby.africa/api/v1/oidc/

Related surfaceURL
Identification UIhttps://national.eid.pasby.africa
Developer consolehttps://console.pasby.africa

Use OIDC for browser-first products. Use the public API v2 for signing, documents, wildcard QR, and mobile-native flows.

Official SDKs

Prefer an SDK over raw HTTP — they handle PKCE, headers, encryption, and callback wiring.

PackageStackGuide
@finsel-dgi/pasby-nextNext.js App RouterNext.js OIDC
@finsel-dgi/pasby-reactReact + Node backendReact OIDC
REST / Go / otherAny HTTP clientOIDC quickstart

Start here: OIDC quickstart

User-facingRoute aliases
Start sessionkipindi, login
Exchange tokenkupeana, shake
Get user claimsresource

API reference

Documents

Document signing, review, and refresh — requests, responses, and field reference.

OIDC quickstart

Hosted identification with PKCE — Next.js, React, Node, or Go.

On this page

Official SDKsNavigation labelsAPI reference